On 30/11/2018 11:37, ѽ҉ᶬḳ℠ via Unbound-users wrote:

> With hyperlocal (RFC7706) requiring the root zone DNS server ip addresses listed
> as master in auth-zone and since this information is already provided (and
> automatically updated) in root-hints would it not make sense to utilise it for
> RFC7706 in auth-zone, something like?:
>
>> auth-zone:
>>   name: .
>>   master: path/to/root-hints
>
> This way whenever an ip in root-hints gets updated it is available for RFC7706
> too. Of course I do not know whether parsing those ip from root-hint is feasible
> and how much it would bloat the code and the ratio/cost of coding/testing effort
> vs. actual user benefit/advantage.

No, this is a bad idea, for several reasons:

1. Not all the root servers provide zone transfer. It would be pointless for unbound to add them to the list of masters, when XFR from several of them will just fail continuously.

2. Even if this were implemented, it would only be useful for the root zone. However, the "auth-zone" feature can work for any zone at any level in the DNS tree. Therefore, adding code to look at the hints for just the root zone is a very special case, and does not deserve the extra code.

Regards,
Anand
